Tripwire Announces SecureCheq for Windows Server 2003

PORTLAND, Ore. — July 9, 2015 — Tripwire, Inc. , a leading global provider of advanced threat, security and compliance management solutions, today announced Tripwire® SecureCheq™ for Windows Server 2003, a new addition to Tripwire’s family of free tools that test for common system configuration errors in Microsoft Windows desktops and servers. The tools also offer detailed remediation guidance on findings.

Microsoft will end extended support for Windows Server 2003 on July 14, 2015, and will no longer offer security updates, hotfixes, online content updates or technical assistance unless custom support agreements are purchased. According to industry analysts, 8 million Windows Server 2003 licenses were still active in late 2014, and a recent AppZero survey estimated that 1.76 million Windows Server 2003 systems will not be migrated by the July deadline.

“It will be more difficult to secure business-critical legacy applications that run on Windows Server 2003, and will significantly increase cybersecurity risks when support for this operating system ends,” said Ken Westin, senior security analyst for Tripwire. “However, there are practical steps that can be taken today to harden these systems and reduce their attack surface. These steps will make it harder for attackers to compromise devices running Windows Server 2003, even in the face of the inevitable onslaught of new zero-day vulnerabilities.”

Tripwire SecureCheq for Windows Server 2003 is a free tool that provides checks for the 20 most common weaknesses and dangerous Windows Server 2003 misconfigurations. With Tripwire SecureCheq, IT professionals can quickly identify the systems that are at the greatest risk of attack and then ensure that proper monitoring and detection controls are enabled. The tool also provides detailed guidance on how to remediate common misconfigurations.

Tripwire SecureCheq for Windows Server 2003 evaluates errors and offers solutions for the following configuration categories:

Operating system hardening.

Data protection.

Communication security.

User account security.

Logs and auditing.

“Many IT teams are very comfortable using Windows Server 2003 for a print or file server because it’s a very stable product, and they know how to patch and maintain it,” said Lane Thames, security researcher for Tripwire. “However, we should expect a new wave of exploits targeting these systems by mid-August. Any organization that hasn’t completed the transition should put in place a hardening plan immediately.”

Additional resources:

About Tripwire

Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at tripwire.com/blog or follow us on Twitter @TripwireInc.